F5 BIG-IP Traffic Management Microkernel Denial-of-Service Vulnerability

A denial-of-service vulnerability has been identified in the Traffic Management Microkernel (TMM) of F5 BIG-IP systems. When operating on a multi-bladed platform with more than one blade, certain undisclosed traffic can lead to the termination of the TMM process. This disruption causes a temporary outage as the TMM process restarts, allowing remote, unauthenticated attackers to interfere with traffic management functions. The vulnerability is present in multiple BIG-IP branches, including BIG-IP Next SPK, BIG-IP Next CNF, and various 15.x, 16.x, and 17.x releases.

Impact

Exploitation of this vulnerability causes a denial-of-service condition on the BIG-IP system, disrupting traffic management processes while the TMM component restarts.

Remediation

F5 has released engineering hotfixes for affected BIG-IP versions. These hotfixes can be downloaded from the MyF5 Downloads page. F5 also recommends configuring BIG-IP systems with high availability to mitigate the impact of this vulnerability.